IT SECURITY SPECIALIST IV - Information Systems Security

RCG is a growing federal contracting company and Certified as a Great Place to Work. We are looking for strongly qualified people to help support our clients. We are currently seeking an IT SECURITY SPECIALIST IV to support a current proposal effort with our customer located in Washington, DC (with an additional location in Hillcrest Heights, MD).

Please note: Due to the secure nature of this government agency, all candidates must be U.S. citizens and be eligible for a Public Trust clearance.

The successful candidate will receive a contingent offer based on the outcome of a government background check. This may take several weeks, and the candidate cannot begin actual employment until the background check is successfully completed.

The IT SECURITY SPECIALIST IV is responsible for developing and managing Information Systems security, including disaster recovery, database protection and software development. Analyzes information security systems and applications and recommends and develops security measures to protect information against unauthorized modification or loss. Familiar with a variety of the field's concepts, practices, and procedures. Relies on experience and judgment to plan and accomplish goals. Performs a variety of complicated tasks. May lead and direct the work of others. Typically reports to a project leader or manager. A wide degree of creativity and latitude is expected.

Responsibilities include, but are not limited to:

• Identify key stakeholders in Assessment & Authorization (A&A) efforts and ensure system documentation reflects current system security configurations to include hardware and software components, data flow, interconnections, and ports, protocols, and services, etc.
• Maintain cybersecurity procedures and processes as assigned.
• Analyze, interpret, and apply Federal cybersecurity guidance to customer needs.
• Communicate the security posture of systems through designated reporting mechanism.
• Assist in preparation and review documentation to include System Security Plans (SSPs), Risk Assessment Reports (RAR), and other A&A artifacts.
• Assist in the research and address information security issues as required and develop and maintain the Plan of Action and Milestones (POA&M) and support remediation activities.
• Develop and advise development of A&A artifacts and security documentation to include, but not limited to System Security Plans (SSP), POA&M, Contingency Plan, Incident Response Plan, Configuration Management Plan.
• Assist with pre-assessment preparation.
• Perform RMF activities to achieve Authority to Operate (ATO).
• Perform continuous monitoring of security controls to ensure that they are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the cybersecurity requirements for assigned IT systems.
• Advise system owners on all matters, technical and otherwise, involving the security of assigned IT systems.
• Strong verbal and written skills required providing management status reports and document system changes.
• Analyze problems and provide focused solutions to effectively communicate information to various audiences verbally and through written communications.

Clearance:

• Existing Public Trust, or the ability to obtain one.

Basic Qualifications - Required Experience, Skills:

• Six to eight (6-8) years of relevant experience.
• Bachelor's Degree.
• Excellent communication skills in the English language - both verbal and written.

Desired Experience, Skills, Knowledge:

• Must possess one of the following certifications: CAP, GIAC, GSLC, CISM, CRISC, CISSP, or CASP.
• Experience with IT tools, systems, and reporting mechanisms and requirements for A&A.
• Experience in information assurance, e.g., accreditation, security testing and evaluation.
• Experience working on high performing A&A teams, including adapting industry standards to create ISC "best practices".

Physical Demands: Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

RCG, Inc. does not discriminate against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibits discrimination against all individuals based on their race, color, religion, sex, sexual orientation/gender identity, or national origin.